The US Colonial Pipeline cyberattack will reinforce the Biden administration’s push for boosting U.S. cybersecurity defences, but the rise of more professionalized ransomware groups and extortion campaigns will only lead to more cyberattacks on Western companies despite US government policy.
The Eastern European criminal group DarkSide carried out the ransomware attack, disrupting the company’s IT system, although not necessarily the pipeline systems’ operational technology directly. (Stratfor).
Bloomberg reported that hackers stole around 100 GB in two hours on 06 May, locked computers, encrypted files and demanded payment. DarkSide then threatened to publicly release the stolen data if it was not paid, a so-called double extortion ransomware attack that the group is well-known for carrying out.